Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5bdb2025-7181-439f-8bd8-d1091c1f8d72.roa
File:                     5bdb2025-7181-439f-8bd8-d1091c1f8d72.roa (raw, json)
Hash identifier:          TMhfvB4Uh2ZIj0byVUwNoZ/1CFLiE6ClSXHxNK43e24=
Subject key identifier:   B3:18:BA:37:B7:3E:EC:39:A4:CF:E1:9C:D3:34:B4:D5:93:42:6D:20
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       71F0A421CD2401F6D149D3F15F9AD0C448357B4A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5bdb2025-7181-439f-8bd8-d1091c1f8d72.roa
Signing time:             Fri 03 Oct 2025 00:51:11 +0000
ROA not before:           Fri 03 Oct 2025 00:51:11 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.249.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:f0:a4:21:cd:24:01:f6:d1:49:d3:f1:5f:9a:d0:c4:48:35:7b:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:51:11 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=0332050f53bbd9337a8b046037ed3d2585be60befc213e7bab2ff72ae51433b7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:7d:ea:a3:22:d5:6c:f4:b3:88:ca:73:ed:4a:
                    0c:aa:33:11:38:b5:4d:01:3a:81:5a:26:3e:28:fe:
                    53:4c:ba:1c:8a:31:85:b1:34:bb:df:c8:e6:5c:5c:
                    30:96:d1:a8:ce:b5:b7:0d:43:d9:c3:ac:a4:c0:e4:
                    27:e7:5a:b6:72:df:62:8b:16:b9:b1:3b:01:97:97:
                    df:64:e7:eb:f2:e4:44:eb:f3:9a:4b:c2:ee:f9:44:
                    35:68:88:b8:31:13:cb:34:16:db:9c:99:70:5f:09:
                    c8:d7:0f:ad:66:81:df:3c:80:80:a7:f5:6a:75:16:
                    5c:88:fb:c6:19:82:79:ea:af:da:43:39:3c:a9:1b:
                    69:c2:37:67:d7:81:94:a8:19:14:2c:26:3f:e1:6e:
                    6f:89:0f:5f:ae:78:62:fc:66:13:3f:56:c1:83:11:
                    ae:f1:9c:c9:9f:6c:c3:27:45:f4:73:b7:79:2a:b3:
                    07:ca:71:24:01:4c:48:4c:5e:a1:8e:a9:e6:f5:ea:
                    aa:b9:d2:e6:b5:6d:24:76:40:e7:c4:42:81:56:f5:
                    7c:57:31:e9:10:87:24:a1:cc:f9:7f:5c:94:c9:d0:
                    49:ab:d2:2f:4f:6d:a0:d3:51:e8:5c:2a:cd:87:77:
                    e0:93:f9:12:7c:c3:71:ed:2a:a0:10:af:ea:ea:fe:
                    d4:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:18:BA:37:B7:3E:EC:39:A4:CF:E1:9C:D3:34:B4:D5:93:42:6D:20
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5bdb2025-7181-439f-8bd8-d1091c1f8d72.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:b6:bc:ec:f7:b6:3b:78:60:a1:38:c7:15:b7:f0:15:cb:7a:
         4b:68:7e:b8:14:3a:15:00:8d:35:34:44:d2:8a:56:31:0b:64:
         86:f8:0c:2a:1e:a2:aa:53:80:e9:65:e3:61:91:bc:8a:a9:17:
         5e:14:e1:d1:51:fc:2c:73:41:ee:d0:f9:b8:bb:21:78:2b:9f:
         a8:d3:9e:d7:43:3a:c9:6d:31:6d:0c:09:33:75:88:31:72:18:
         c6:ae:66:b5:0a:22:56:c5:62:06:73:1a:26:0e:ac:69:0d:15:
         4a:32:72:c2:83:ee:fa:59:c0:a7:45:17:aa:74:f8:f7:6c:34:
         d1:cf:2c:c8:63:87:c6:55:b5:2e:a5:bf:b7:23:57:bf:6b:57:
         27:92:bb:73:c5:3b:ca:21:0a:c8:1a:30:fa:a7:c9:6b:99:b8:
         5f:9a:69:67:9f:be:b2:00:23:7d:3e:15:1e:08:dd:d2:c8:36:
         12:ee:f0:d0:54:25:1e:62:87:6d:cc:2f:d4:14:b3:62:1f:aa:
         07:9d:29:c0:15:ad:a3:e4:24:0f:32:c3:8f:9a:45:ac:e7:a9:
         5d:f3:10:53:ee:d3:9f:f4:7b:b9:d0:ec:3b:0d:f1:18:9d:82:
         39:20:da:51:88:d4:8a:4a:fd:34:30:27:c6:08:7f:05:b9:39:
         0c:dc:99:7f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcfCkIc0kAfbRSdPxX5rQxEg1e0owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDA1MTExWhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMzMyMDUwZjUzYmJkOTMzN2E4YjA0NjAzN2VkM2QyNTg1
YmU2MGJlZmMyMTNlN2JhYjJmZjcyYWU1MTQzM2I3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFfeqjItVs9LOIynPtSgyqMxE4tU0BOoFaJj4o/lNMuhyK
MYWxNLvfyOZcXDCW0ajOtbcNQ9nDrKTA5CfnWrZy32KLFrmxOwGXl99k5+vy5ETr
85pLwu75RDVoiLgxE8s0FtucmXBfCcjXD61mgd88gICn9Wp1FlyI+8YZgnnqr9pD
OTypG2nCN2fXgZSoGRQsJj/hbm+JD1+ueGL8ZhM/VsGDEa7xnMmfbMMnRfRzt3kq
swfKcSQBTEhMXqGOqeb16qq50ua1bSR2QOfEQoFW9XxXMekQhyShzPl/XJTJ0Emr
0i9PbaDTUehcKs2Hd+CT+RJ8w3HtKqAQr+rq/tRbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsxi6N7c+7Dmkz+Gc0zS01ZNCbSAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzViZGIyMDI1LTcxODEtNDM5Zi04YmQ4LWQxMDkxYzFmOGQ3Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTfkwDQYJKoZIhvcNAQELBQADggEBACy2vOz3tjt4YKE4xxW38BXLekto
frgUOhUAjTU0RNKKVjELZIb4DCoeoqpTgOll42GRvIqpF14U4dFR/CxzQe7Q+bi7
IXgrn6jTntdDOsltMW0MCTN1iDFyGMauZrUKIlbFYgZzGiYOrGkNFUoycsKD7vpZ
wKdFF6p0+PdsNNHPLMhjh8ZVtS6lv7cjV79rVyeSu3PFO8ohCsgaMPqnyWuZuF+a
aWefvrIAI30+FR4I3dLINhLu8NBUJR5ih23ML9QUs2IfqgedKcAVraPkJA8yw4+a
RaznqV3zEFPu05/0e7nQ7DsN8Ridgjkg2lGI1IpK/TQwJ8YIfwW5OQzcmX8=
-----END CERTIFICATE-----